npm - @cosmicdrift/kumiko-bundled-features - Versions diffs - 0.2.3 → 0.4.0 - Mend

@cosmicdrift/kumiko-bundled-features 0.2.3 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/src/user/seeding.ts CHANGED Viewed

@@ -57,7 +57,7 @@ export async function seedUser(db: DbConnection, options: SeedUserOptions): Prom
   const tdb = createTenantDb(db, by.tenantId, "system");
   const existing = await fetchOne(db, userTable, eq(userTable["email"], options.email));
-  if (existing) return existing["id"] as string;
+  if (existing) return existing["id"] as string; // @cast-boundary db-row
   const result = await userExecutor.create(
     {
@@ -86,7 +86,7 @@ export async function seedUser(db: DbConnection, options: SeedUserOptions): Prom
 // als ehrlicher Throw rauskommt statt downstream als undefined-Bug.
 function extractId(data: unknown, who: string): string {
   if (typeof data === "object" && data !== null && "id" in data) {
-    const id = (data as { id: unknown }).id;
+    const id = (data as { id: unknown }).id; // @cast-boundary engine-bridge
     if (typeof id === "string") return id;
   }
   throw new Error(`${who}: executor.create result has no string id (got ${JSON.stringify(data)})`);

package/src/user-data-rights/feature.ts CHANGED Viewed

@@ -238,7 +238,7 @@ export function createUserDataRightsFeature(opts: UserDataRightsOptions = {}): F
           _userId: ctx._userId ?? SYSTEM_USER_ID,
         };
         await runExportJobs({
-          db: ctx.db as import("@cosmicdrift/kumiko-framework/db").DbConnection,
+          db: ctx.db as import("@cosmicdrift/kumiko-framework/db").DbConnection, // @cast-boundary db-operator
           registry: ctx.registry,
           buildStorageProvider: async (tenantId) =>
             createFileProviderForTenant(providerCtx, tenantId, "user-data-rights:run-export-jobs"),
@@ -268,11 +268,12 @@ async function mapQueryResponseToRedirect(
 ): Promise<Response> {
   if (!queryRes.ok) {
     const errorBody = await queryRes.text();
-    return c.body(errorBody, queryRes.status as 400 | 401 | 404 | 410 | 500, {
+    const statusCode = queryRes.status as 400 | 401 | 404 | 410 | 500; // @cast-boundary engine-payload
+    return c.body(errorBody, statusCode, {
       "content-type": queryRes.headers.get("content-type") ?? "application/json",
     });
   }
-  const body = (await queryRes.json()) as { data?: { url?: string } };
+  const body = (await queryRes.json()) as { data?: { url?: string } }; // @cast-boundary engine-payload
   if (!body.data?.url) {
     return c.json({ error: "download_resolution_failed" }, 500);
   }

package/src/user-data-rights/handlers/cancel-deletion.write.ts CHANGED Viewed

@@ -77,7 +77,7 @@ export const cancelDeletionWrite = defineWriteHandler({
       data: {
         userId: event.user.id,
         status: USER_STATUS.Active,
-        gracePeriodEnd: null as string | null,
+        gracePeriodEnd: null as string | null, // @cast-boundary generic-record
       },
     };
   },

package/src/user-data-rights/handlers/download-by-job.query.ts CHANGED Viewed

@@ -80,11 +80,11 @@ export const downloadByJobQuery = defineQueryHandler({
       ctx.db.raw,
       exportJobsTable,
       eq(exportJobsTable["id"], jobId),
-    )) as JobRow | null;
+    )) as JobRow | null; // @cast-boundary db-row
     if (!jobRow || jobRow.userId !== userId) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId,
         now,
         result: "notFound",
@@ -102,7 +102,7 @@ export const downloadByJobQuery = defineQueryHandler({
     if (jobRow.status !== EXPORT_JOB_STATUS.Done) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId,
         now,
         result: "failed",
@@ -119,7 +119,7 @@ export const downloadByJobQuery = defineQueryHandler({
     }
     if (!jobRow.downloadStorageKey) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId,
         now,
         result: "expired",
@@ -142,7 +142,7 @@ export const downloadByJobQuery = defineQueryHandler({
     );
     if (!provider.getSignedUrl) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId,
         now,
         result: "signedUrlNotSupported",
@@ -177,20 +177,17 @@ export const downloadByJobQuery = defineQueryHandler({
       ctx.db.raw,
       exportDownloadTokensTable,
       eq(exportDownloadTokensTable["jobId"], jobId),
-    )) as TokenRow | null;
+    )) as TokenRow | null; // @cast-boundary db-row
     if (tokenRow) {
       await recordDownloadUse({
-        // @cast-boundary db: ctx.db.raw ist DbRunner, im query-pfad immer
-        // Connection. Cast legit weil recordDownloadUse intern createTenantDb
-        // braucht.
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tokenId: tokenRow.id,
         tokenVersion: tokenRow.version,
         tokenUseCount: tokenRow.useCount ?? 0,
         tenantId: jobRow.requestedFromTenantId as Parameters<
           typeof recordDownloadUse
-        >[0]["tenantId"],
+        >[0]["tenantId"], // @cast-boundary engine-bridge
         now,
         ip: query.payload.auditMeta?.ip ?? null,
         userAgent: query.payload.auditMeta?.userAgent ?? null,

package/src/user-data-rights/handlers/download-by-token.query.ts CHANGED Viewed

@@ -91,7 +91,7 @@ export const downloadByTokenQuery = defineQueryHandler({
       ctx.db.raw,
       exportDownloadTokensTable,
       eq(exportDownloadTokensTable["tokenHash"], hash),
-    )) as TokenRow | null;
+    )) as TokenRow | null; // @cast-boundary db-row
     if (!tokenRow) {
       // Invalid token — 404 ohne Existenz-Leak. Generic NotFoundError
@@ -120,13 +120,14 @@ export const downloadByTokenQuery = defineQueryHandler({
         ctx.db.raw,
         exportJobsTable,
         eq(exportJobsTable["id"], tokenRow.jobId),
-      )) as { requestedFromTenantId: string } | null;
+      )) as { requestedFromTenantId: string } | null; // @cast-boundary db-row
       if (jobForAudit) {
+        const auditDb = ctx.db.raw as DbConnection; // @cast-boundary db-runner
         await recordInvalidAttempt({
-          db: ctx.db.raw as DbConnection,
+          db: auditDb,
           tenantId: jobForAudit.requestedFromTenantId as Parameters<
             typeof recordInvalidAttempt
-          >[0]["tenantId"],
+          >[0]["tenantId"], // @cast-boundary engine-bridge
           now,
           result: "expired",
           via: "token",
@@ -147,7 +148,7 @@ export const downloadByTokenQuery = defineQueryHandler({
       ctx.db.raw,
       exportJobsTable,
       eq(exportJobsTable["id"], tokenRow.jobId),
-    )) as JobRow | null;
+    )) as JobRow | null; // @cast-boundary db-row
     if (!jobRow) {
       throw new NotFoundError("export-download", undefined, {
@@ -156,10 +157,10 @@ export const downloadByTokenQuery = defineQueryHandler({
     }
     if (jobRow.status !== EXPORT_JOB_STATUS.Done) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId: jobRow.requestedFromTenantId as Parameters<
           typeof recordInvalidAttempt
-        >[0]["tenantId"],
+        >[0]["tenantId"], // @cast-boundary engine-bridge
         now,
         result: "failed",
         via: "token",
@@ -175,10 +176,10 @@ export const downloadByTokenQuery = defineQueryHandler({
     }
     if (!jobRow.downloadStorageKey) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId: jobRow.requestedFromTenantId as Parameters<
           typeof recordInvalidAttempt
-        >[0]["tenantId"],
+        >[0]["tenantId"], // @cast-boundary engine-bridge
         now,
         result: "expired",
         via: "token",
@@ -202,10 +203,10 @@ export const downloadByTokenQuery = defineQueryHandler({
     );
     if (!provider.getSignedUrl) {
       await recordInvalidAttempt({
-        db: ctx.db.raw as DbConnection,
+        db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
         tenantId: jobRow.requestedFromTenantId as Parameters<
           typeof recordInvalidAttempt
-        >[0]["tenantId"],
+        >[0]["tenantId"], // @cast-boundary engine-bridge
         now,
         result: "signedUrlNotSupported",
         via: "token",
@@ -235,14 +236,11 @@ export const downloadByTokenQuery = defineQueryHandler({
     // Wrapper (trusted-source). Direct-API-caller koennen luegen, aber
     // Audit ist nicht security-relevant.
     await recordDownloadUse({
-      // @cast-boundary db: ctx.db.raw ist DbRunner (Connection|Tx),
-      // im query-handler-Pfad ist es immer Connection. Cast legit weil
-      // recordDownloadUse intern createTenantDb braucht (DbConnection).
-      db: ctx.db.raw as DbConnection,
+      db: ctx.db.raw as DbConnection, // @cast-boundary db-runner
       tokenId: tokenRow.id,
       tokenVersion: tokenRow.version,
       tokenUseCount: tokenRow.useCount ?? 0,
-      tenantId: jobRow.requestedFromTenantId as Parameters<typeof recordDownloadUse>[0]["tenantId"],
+      tenantId: jobRow.requestedFromTenantId as Parameters<typeof recordDownloadUse>[0]["tenantId"], // @cast-boundary engine-bridge
       now,
       ip: query.payload.auditMeta?.ip ?? null,
       userAgent: query.payload.auditMeta?.userAgent ?? null,

package/src/user-data-rights/handlers/export-status.query.ts CHANGED Viewed

@@ -55,7 +55,7 @@ export const exportStatusQuery = defineQueryHandler({
       .from(exportJobsTable)
       .where(eq(exportJobsTable["userId"], query.user.id))
       .orderBy(desc(exportJobsTable["requestedAt"]))
-      .limit(1)) as ExportJobRow[];
+      .limit(1)) as ExportJobRow[]; // @cast-boundary db-row
     const latest = rows[0];
     if (!latest) return { hasJob: false as const };

package/src/user-data-rights/handlers/request-deletion.write.ts CHANGED Viewed

@@ -69,7 +69,7 @@ export function createRequestDeletionHandler(opts: RequestDeletionOptions = {})
         createSystemUser(event.user.tenantId),
         "compliance-profiles:query:for-tenant",
         {},
-      )) as { profile: { userRights: { gracePeriod: DurationSpec } } };
+      )) as { profile: { userRights: { gracePeriod: DurationSpec } } }; // @cast-boundary engine-payload
       // addDurationSpec deckt `{days}` und `{hours}` ab. App-Server-Clock
       // ist authoritative — instant() customType nimmt Temporal.Instant

package/src/user-data-rights/handlers/request-export.write.ts CHANGED Viewed

@@ -50,7 +50,7 @@ function isActiveJobConflict(failure: WriteFailure): boolean {
   const error = failure.error as {
     code?: string;
     details?: { constraintName?: string };
-  };
+  }; // @cast-boundary error-details
   return (
     error.code === "unique_violation" && error.details?.constraintName === ACTIVE_JOB_CONSTRAINT
   );
@@ -124,7 +124,7 @@ export const requestExportWrite = defineWriteHandler({
     // Happy path: neuer Job. SaveContext.id ist EntityId (number | string);
     // exportJobEntity hat idType:"uuid" → garantiert string, String()
     // schuetzt vor Drift falls jemand die Entity auf serial migriert.
-    const created = result.data as SaveContext;
+    const created = result.data as SaveContext; // @cast-boundary engine-payload
     return {
       isSuccess: true as const,
       data: {

package/src/user-data-rights/run-export-jobs.ts CHANGED Viewed

@@ -449,7 +449,7 @@ async function processJob(args: {
       // persistiert).
       throw new Error(
         `Job ${job.id}: Token-Creation failed before done-flip. ` +
-          `${(tokenCreateResult as { error?: { code?: string } }).error?.code ?? "unknown"}`,
+          `${(tokenCreateResult as { error?: { code?: string } }).error?.code ?? "unknown"}`, // @cast-boundary engine-payload
       );
     }
@@ -479,7 +479,7 @@ async function processJob(args: {
       // gecleared.
       throw new Error(
         `Job ${job.id}: failed to flip status=done after successful Token-Create. ` +
-          `${(doneResult as { error?: { code?: string } }).error?.code ?? "unknown"}`,
+          `${(doneResult as { error?: { code?: string } }).error?.code ?? "unknown"}`, // @cast-boundary engine-payload
       );
     }

package/src/user-data-rights/run-forget-cleanup.ts CHANGED Viewed

@@ -131,7 +131,7 @@ export async function runForgetCleanup(
   const usages = registry.getExtensionUsages(EXT_USER_DATA);
   const hookEntries: HookEntry[] = usages
     .map((u): HookEntry | null => {
-      const opts = (u.options ?? {}) as { delete?: UserDataDeleteHook };
+      const opts = (u.options ?? {}) as { delete?: UserDataDeleteHook }; // @cast-boundary engine-payload
       return opts.delete ? { entityName: u.entityName, deleteHook: opts.delete } : null;
     })
     .filter((x): x is HookEntry => x !== null);
@@ -259,36 +259,35 @@ async function processUser(args: {
   let currentTenantId: TenantId | null = null;
   let currentEntityName: string | null = null;
   try {
-    await (
-      db as { transaction: (fn: (tx: DbRunner) => Promise<void>) => Promise<void> }
-    ).transaction(async (tx) => {
-      for (const tenantId of tenantList) {
-        currentTenantId = tenantId;
-        for (const entry of hookEntries) {
-          currentEntityName = entry.entityName;
-          const policy = await resolveRetentionPolicyForTenant({
-            db: tx,
-            registry,
-            tenantId,
-            entityName: entry.entityName,
-          });
-          const strategy = policyToStrategy(policy.policy?.strategy ?? null);
+    await (db as { transaction: (fn: (tx: DbRunner) => Promise<void>) => Promise<void> }) // @cast-boundary db-runner
+      .transaction(async (tx) => {
+        for (const tenantId of tenantList) {
+          currentTenantId = tenantId;
+          for (const entry of hookEntries) {
+            currentEntityName = entry.entityName;
+            const policy = await resolveRetentionPolicyForTenant({
+              db: tx,
+              registry,
+              tenantId,
+              entityName: entry.entityName,
+            });
+            const strategy = policyToStrategy(policy.policy?.strategy ?? null);
-          hookCallsAttempted++;
-          await entry.deleteHook({ db: tx, tenantId, userId }, strategy);
+            hookCallsAttempted++;
+            await entry.deleteHook({ db: tx, tenantId, userId }, strategy);
+          }
         }
-      }
-      // Status-Flip in derselben Sub-Tx. Falls einer der Hooks oben
-      // geworfen hat, kommen wir hier nicht an — die Tx rollback'd
-      // alles, der User bleibt im DeletionRequested-Status, naechster
-      // Run retried.
-      await tx
-        .update(userTable)
-        .set({ status: USER_STATUS.Deleted })
-        .where(eq(userTable["id"], userId));
-      txSucceeded = true;
-    });
+        // Status-Flip in derselben Sub-Tx. Falls einer der Hooks oben
+        // geworfen hat, kommen wir hier nicht an — die Tx rollback'd
+        // alles, der User bleibt im DeletionRequested-Status, naechster
+        // Run retried.
+        await tx
+          .update(userTable)
+          .set({ status: USER_STATUS.Deleted })
+          .where(eq(userTable["id"], userId));
+        txSucceeded = true;
+      });
   } catch (e) {
     // currentTenantId/currentEntityName tracken den Failing-Hook —
     // Operator sieht "Hook fileRef in Tenant A failed for user X" statt

package/src/user-data-rights/run-user-export.ts CHANGED Viewed

@@ -128,7 +128,7 @@ export async function runUserExport(args: RunUserExportArgs): Promise<UserExport
   const usages = registry.getExtensionUsages(EXT_USER_DATA);
   const hookEntries: HookEntry[] = usages
     .map((u): HookEntry | null => {
-      const opts = (u.options ?? {}) as { export?: UserDataExportHook };
+      const opts = (u.options ?? {}) as { export?: UserDataExportHook }; // @cast-boundary engine-payload
       return opts.export ? { entityName: u.entityName, exportHook: opts.export } : null;
     })
     .filter((x): x is HookEntry => x !== null);

package/src/user-data-rights/token-helpers.ts CHANGED Viewed

@@ -53,7 +53,7 @@ function uint8ArrayToBase64Url(bytes: Uint8Array): string {
   // btoa erwartet binary-string. atob/btoa sind universal in Bun + Node + Browser.
   let binary = "";
   for (let i = 0; i < bytes.length; i++) {
-    binary += String.fromCharCode(bytes[i] as number);
+    binary += String.fromCharCode(bytes[i] as number); // @cast-boundary dynamic-key
   }
   return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
@@ -61,7 +61,7 @@ function uint8ArrayToBase64Url(bytes: Uint8Array): string {
 function uint8ArrayToHex(bytes: Uint8Array): string {
   let out = "";
   for (let i = 0; i < bytes.length; i++) {
-    out += (bytes[i] as number).toString(16).padStart(2, "0");
+    out += (bytes[i] as number).toString(16).padStart(2, "0"); // @cast-boundary dynamic-key
   }
   return out;
 }

package/src/user-data-rights-defaults/hooks/file-ref.userdata-hook.ts CHANGED Viewed

@@ -45,7 +45,7 @@ export const fileRefExportHook: UserDataExportHook = async (ctx) => {
   // .toString() funktioniert sowohl auf Temporal.Instant als auch
   // Date.
   const rows = rawRows.map((r) => {
-    const row = r as Record<string, unknown>;
+    const row = r as Record<string, unknown>; // @cast-boundary recursive-walk
     return {
       id: String(row["id"]),
       storageKey: String(row["storageKey"]),

package/src/user-data-rights-defaults/hooks/user.userdata-hook.ts CHANGED Viewed

@@ -38,7 +38,7 @@ export const userExportHook: UserDataExportHook = async (ctx) => {
     displayName: string;
     locale: string;
     emailVerified: boolean;
-  } | null;
+  } | null; // @cast-boundary db-runner
   if (!row) return null;